cerlestes
cerlestes
/ nginx-baduris.conf
Last active
November 24, 2022 01:15
A fail2ban filter configuration to catch vulnerabilities-testing software
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Fail2Ban filter for catching failed accesses to most likely unwanted, exposing and dangerous files. | |
| # This will catch a lot of different scanning tools that are trying to find vulnerable applications. | |
| # | |
| # IMPORTANT | |
| # This filter is quite heavy. If you enable it for the nginx access log, it will have to run a giant | |
| # regular expression on each line. Please check out the best practice wiki page for more information | |
| # on how to enable your nginx configuration to minimize the load on Fail2Ban: | |
| # https://github.com/fail2ban/fail2ban/wiki/Best-practice | |
| # | |
| # EXAMPLE USAGE |
cerlestes
/ regexp.txt
Created
November 14, 2017 12:39
Regular Expression für Deutsche Telefonvorwahlen (regular expression for german telephone area codes)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Quelle: https://www.bundesnetzagentur.de/DE/Sachgebiete/Telekommunikation/Unternehmen_Institutionen/Nummerierung/Rufnummern/ONRufnr/ON_Einteilung_ONB/ON_ONB_ONKz_ONBGrenzen_node.html | |
| # Quelle: https://www.bundesnetzagentur.de/DE/Sachgebiete/Telekommunikation/Unternehmen_Institutionen/Nummerierung/Rufnummern/Rufnummern_node.html | |
| # Quelle: https://www.billiger-telefonieren.de/thema/handy-vorwahlen/ | |
| # Zweistellige Großstädte | |
| 30|40|69|89| | |
| # Dreistellige Vorwahlen | |
| 20[12389]|21[24]|228|234|335|340|3[3-9][15]|906|[2-9][1-9]1| | |
| # Vierstellig Neue Bundesländer | |
| 3(?: |
cerlestes
/ nginx-badbots.conf
Last active
June 26, 2020 16:07
A fail2ban filter configuration to catch known malicious user agents
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Fail2Ban filter for catching access via known spam bots, crawlers, vulnerability scanners and other malware. | |
| # The filter will also find accesses to honeypot URLs. Place them as links on websites or disallow them in robots.txt. | |
| # | |
| # EXAMPLE USAGE | |
| # The following configuration watches all nginx logfiles and immediately bans after the first fail. | |
| # | |
| # [nginx-badbots] | |
| # maxretry = 1 | |
| # enabled = true | |
| # port = 80,443 |